Account establishment and transaction management using biometrics and intelligent recommendation engine

ABSTRACT

Aspects of the disclosure relate to identity management and recommendation. A computing platform may receive a request to access information associated with one or more user accounts. The computing platform may send a biometric authentication prompt for identifying a user. The computing platform may receive biometric input of the user. The computing platform may retrieve one or more biometric enrollment templates from a database. The computing platform may compare the biometric input to the one or more biometric enrollment templates to determine if a match exists between the biometric input and one of the one or more biometric enrollment templates. Responsive to the user being authenticated based upon a match, the computing platform may retrieve and send information associated with the one or more user accounts. The computing platform may generate and send one or more recommendations associated with usage of the one or more user accounts.

BACKGROUND

Aspects of the disclosure generally relate to one or more computersystems, servers, and/or other devices including hardware and/orsoftware. In particular, one or more aspects of the disclosure relate toidentity management and personalized intelligent recommendation.

As we move to a cashless society, there are still many individuals whoremain “unbanked” (e.g., lack access to a bank account). In manyinstances, an individual might not have sufficient identification,address, or other information required to open an account, or are unableto, or lack the knowledge to, manage their own account. As a result, theunbanked are often left to rely on costly alternative financial productsand services (e.g., provided outside of traditional bankinginstitutions). Also, in many instances, an individual, even if banked,might have difficulty remembering a personal identification (PIN),password, or the like, adding friction to the user experience. Inaddition, an individual, banked or unbanked, might be faced with anemergency or life event which might make it difficult or impossible toaccess identification documents. In any of these instances, suchindividuals may wish to use biometrics to establish an account orauthorize a transaction. It may be difficult to use traditional tools tofacilitate such transactions.

SUMMARY

The following presents a simplified summary in order to provide a basicunderstanding of some aspects of the disclosure. The summary is not anextensive overview of the disclosure. It is neither intended to identifykey or critical elements of the disclosure nor to delineate the scope ofthe disclosure. The following summary merely presents some concepts ofthe disclosure in a simplified form as a prelude to the descriptionbelow.

Aspects of the disclosure provide effective, efficient, scalable, andconvenient technical solutions that address and overcome the technicalproblems associated with identity management. In accordance with one ormore embodiments, a computing platform having at least one processor, acommunication interface, and memory may receive a request from acomputing device to access information associated with one or more useraccounts. The computing platform may send a biometric authenticationprompt to the computing device for identifying a user of the computingdevice. The computing platform may receive, from the computing device,biometric input of the user. The computing platform may retrieve one ormore biometric enrollment templates from a database. The computingplatform may compare the biometric input to the one or more biometricenrollment templates to determine if a match exists between thebiometric input and one of the one or more biometric enrollmenttemplates. The computing platform may authenticate the user based upon amatch of the biometric input and one of the one or more biometricenrollment templates. Responsive to the user being authenticated usingthe biometric input, the computing platform may retrieve informationassociated with the one or more user accounts. The computing platformmay send the information associated with the one or more user accountsto the computing device. The computing platform may generate, using amachine learning model, one or more recommendations associated withusage of the one or more user accounts. The computing platform may sendthe one or more recommendations to the computing device.

In some embodiments, the computing platform may receive biometricenrollment data of the user captured by a biometric sensor, generate abiometric enrollment template based on the biometric enrollment data,and transmit the biometric enrollment template for storage inassociation with one or more user accounts. In some arrangements, basedon receiving the biometric enrollment data of the user, the computingplatform may register an account for the user without requiring the userto provide additional identifying information.

In some examples, retrieving information associated with one or moreuser accounts may include transmitting a user identity verification toan enterprise server and retrieving the information associated with theuser account from the enterprise server.

In some embodiments, the one or more user accounts may include anaccount for which the user is an authorized co-user.

In some example arrangements, the biometric authentication prompt isconfigured to prompt the user of a mobile device to provide biometricinput via a biometric sensor integrated into the mobile device.

In some examples, receiving the biometric input of the user may includereceiving hand-related features or head-related features of the user.

In some embodiments, receiving the biometric input of the user mayinclude receiving one or more of: a fingerprint, a palm print, avoiceprint, a retinal scan, an iris scan, a face scan, or a vein scan ofthe user.

In some embodiments, the computing platform may receive, from thecomputing device, a second biometric input of the user to initiate apayment transaction associated with one or more user accounts; comparethe second biometric input to the one or more biometric enrollmenttemplates to determine if a match exists between the second biometricinput and one of the one or more biometric enrollment templates;authenticate the user based upon a match of the second biometric inputand one of the one or more biometric enrollment templates; andresponsive to the user being authenticated using the second biometricinput, transmit a notification may include a transaction verification toan enterprise server.

In some arrangements, the computing platform may process the biometricinput to identify duress information associated with the biometric inputof the user, and send one or more notifications based on the duressinformation. In some examples, sending the one or more notifications mayinclude sending one or more alert messages to an enterprise server.

These features, along with many others, are discussed in greater detailbelow.

BRIEF DESCRIPTION OF THE DRAWINGS

The present disclosure is illustrated by way of example and not limitedin the accompanying figures in which like reference numerals indicatesimilar elements and in which:

FIGS. 1A and 1B depict an illustrative computing environment foridentity management and intelligent recommendation in accordance withone or more example embodiments;

FIGS. 2A-2I depict an illustrative event sequence for identitymanagement and intelligent recommendation in accordance with one or moreexample embodiments;

FIGS. 3 and 4 depict example graphical user interfaces for identitymanagement and intelligent recommendation in accordance with one or moreexample embodiments; and

FIG. 5 depicts an illustrative method for identity management andintelligent recommendation in accordance with one or more exampleembodiments.

DETAILED DESCRIPTION

In the following description of various illustrative embodiments,reference is made to the accompanying drawings, which form a parthereof, and in which is shown, by way of illustration, variousembodiments in which aspects of the disclosure may be practiced. It isto be understood that other embodiments may be utilized, and structuraland functional modifications may be made, without departing from thescope of the present disclosure.

It is noted that various connections between elements are discussed inthe following description. It is noted that these connections aregeneral and, unless specified otherwise, may be direct or indirect,wired or wireless, and that the specification is not intended to belimiting in this respect.

As a brief introduction to the concepts described further herein, one ormore aspects of the disclosure relate to facilitating the use ofbiometrics to establish an account or authorize payment. Morespecifically, in an emergency or following a life event, users, bankedor unbanked, may rely on biometrics to gain access to financial accountsand/or receive personalized recommendations. By way of non-limitingexamples, a user's home and property might be destroyed in an accidentor natural disaster, a person may be forced to flee an area and/or partwith their belongings, a person might not have a valid form ofidentification. In these and other such situations, users might not haveor lack access to identification documents, but may instead providetheir identity via biometrics to gain access to accounts or services.Due to the ability to quickly authorize a biometric input withoutnecessarily requiring additional access credentials, a positive userexperience may be provided. Additionally, preventing unauthorized usersfrom accessing private or confidential information using biometrics, andin some cases preventing potentially unauthorized activity on a useraccount, further provides benefits to both account holders andenterprise organizations associated with the account. Other benefits andadvantages will be appreciated with the benefit of the additionaldisclosures set forth below. Additional aspects of the disclosure allowunbanked or underbanked individuals (e.g., who might not have bankaccounts or who use nonbank financial services, have limited options forbanking in traditional financial institutions, or the like), to engageor gain access to various services of a financial institution. Furtheraspects of the disclosure may provide an identity management andrecommendation computing platform for monitoring user activity,detecting trends, and generating recommendations (e.g. providingrecommendations for next steps, such as directing users to resources andtools).

FIGS. 1A and 1B depict an illustrative computing environment foridentity management and intelligent recommendation in accordance withone or more example embodiments. Referring to FIG. 1A, computingenvironment 100 may include one or more computing devices and/or othercomputing systems. For example, computing environment 100 may includeidentity management and recommendation computing platform 110, usercomputing device 120, enterprise server infrastructure 130, andenterprise data storage platform 140. Although one user computing deviceis shown for illustrative purposes, any number of user computing devicesmay be included without departing from the disclosure.

As illustrated in greater detail below, identity management andrecommendation computing platform 110 may include one or more computingdevices configured to perform one or more of the functions describedherein. For example, identity management and recommendation computingplatform 110 may include one or more computers (e.g., laptop computers,desktop computers, servers, server blades, or the like).

User computing device 120 may include one or more computing devicesand/or other computer components (e.g., processors, memories,communication interfaces). In addition, and as illustrated in greaterdetail below, user computing device 120 may be configured to receiveinformation from, send information to, and/or otherwise exchangeinformation with one or more devices described herein. User computingdevice 120 may be equipped with a biometric sensor and may, among otherfunctions, be configured to receive biometric inputs and to transmitbiometric data to other devices as described herein.

User computing device 120 may be a mobile computing device (e.g.,smartphone, tablet, smart watch, laptop computer, or the like) ordesktop computing device (e.g., desktop computer, terminal, or the like)and/or may include a smart speaker or other related devices. Inaddition, user computing device 120 may be linked to and/or used by afirst user (who may, e.g., be a customer of an enterprise organization(e.g., a financial institution) associated with enterprise serverinfrastructure 130 and enterprise data storage platform 140), but mayalso accessible to other users. User computing device 120 may be used tointeract with an account for an enterprise organization (e.g., an onlinebanking account, mobile banking application, or the like).

User computing device 120 may include one or more sensors for use incapturing or otherwise sensing biometric information of a user of usercomputing device 120. For example, user computing device 120 may includeone or more sensors within the device and one or more sensors externallyconnected to user computing device 120, such as biometric sensors whichmay be communicatively coupled to user computing device 120 via an I/Oport. User computing device 120 may further include one or more of anaudio input (e.g., a microphone), a fingerprint sensor, a camera (e.g.,a still camera, a video camera, an infrared/biometric camera, and thelike), and/or a location sensor (e.g., a GPS device, a triangulationdevice such as a telecommunications modem, and the like).

Enterprise server infrastructure 130 may include one or more computingdevices and/or other computer components (e.g., processors, memories,communication interfaces). In addition, and as illustrated in greaterdetail below, enterprise server infrastructure 130 may be configured tohost, execute, and/or otherwise provide one or more enterpriseapplications. Enterprise server infrastructure 130 may also beconfigured to receive information from, send information to, and/orotherwise exchange information with one or more devices as describedherein. The location where enterprise server infrastructure 130 isdeployed may be remote from identity management and recommendationcomputing platform 110 and/or user computing device 120.

For example, enterprise server infrastructure 130 may be configured tohost, execute, and/or otherwise provide one or more speech processingprograms, machine learning models, an enterprise mobile application foruser devices, and/or other programs associated with an enterpriseserver. In some instances, enterprise server infrastructure 130 may beconfigured to provide various enterprise and/or back-office computingfunctions for an enterprise organization, such as a financialinstitution. For example, enterprise server infrastructure 130 mayinclude various servers and/or databases that store and/or otherwisemaintain account information, such as financial account informationincluding account balances, transaction history, account ownerinformation, and/or other information. In addition, enterprise serverinfrastructure 130 may process and/or otherwise execute tasks onspecific accounts based on commands and/or other information receivedfrom other computer systems included in computing environment 100.Additionally, or alternatively, enterprise server infrastructure 130 mayreceive instructions from identity management and recommendationcomputing platform 110 and then execute those instructions.

In some examples, enterprise server infrastructure 130 may be acomponent of a banking system. The banking system may include a customerdatabase and various communication portals that provide access to thebanking system. The communication portals of the banking system serve asentry points into the banking system to receive communications from aremote location, such as user computing device 120. The banking systemmay also include different types of communication portals to allowindividuals to access the banking system using different types ofdevices. In some instances, the banking system may include aninteractive voice response (IVR) portal, a mobile portal, and/or anonline portal to facilitate communications with the banking system.

Enterprise data storage platform 140 may include one or more computingdevices and/or other computer components (e.g., processors, memories,communication interfaces). In addition, and as illustrated in greaterdetail below, enterprise data storage platform 140 may be configured toreceive information from, send information to, and/or otherwise exchangeinformation with one or more devices as described herein. The locationwhere enterprise data storage platform 140 is deployed may be remotefrom identity management and recommendation computing platform 110and/or user computing device 120 and/or enterprise server infrastructure130. In addition, and as illustrated in greater detail below, enterprisedata storage platform 140 may be configured to store and/or otherwisemaintain enterprise data. Additionally, or alternatively, enterpriseserver infrastructure 130 may be configured to store and/or otherwisemaintain enterprise data. For example, enterprise server infrastructure130 may be configured to store and/or otherwise maintain task templatesassociated with users, historical data related to users, biometricidentifiers associated with users, behavioral identifiers associatedwith users, location data of computing devices, and so forth.Additionally, or alternatively, enterprise server infrastructure 130 mayload data from enterprise data storage platform 140, manipulate and/orotherwise process such data, and return modified data and/or other datato enterprise data storage platform 140 and/or to other computer systemsincluded in computing environment 100.

In some embodiments, enterprise data storage platform 140 may storecustomer profiles. The customer profiles may include customerinformation relating to an enterprise organization customer. Customerinformation may include, for example, the name of the customer, contactinformation for the customer, and account information for the customer.Customer information may also include information that the enterpriseorganization may utilize to determine the identity or authenticate anindividual such as biometric identifying information, answers tosecurity questions, phone numbers or one or more network addresses fromwhich the individual previously contacted the enterprise organization,device identification numbers of devices the individual has previouslyused to contact the enterprise organization, and other types ofinformation that may be utilized to identify or authenticate anindividual. Customer information may include other types of informationrelated to enterprise organization customers.

Computing environment 100 also may include one or more networks, whichmay interconnect one or more of identity management and recommendationcomputing platform 110, user computing device 120, enterprise serverinfrastructure 130, and enterprise data storage platform 140. Forexample, computing environment 100 may include network 150. Network 150may include one or more sub-networks (e.g., local area networks (LANs),wide area networks (WANs), or the like). For example, network 150 mayinclude a private sub-network that may be associated with a particularorganization (e.g., a corporation, financial institution, educationalinstitution, governmental institution, or the like) and that mayinterconnect one or more computing devices associated with theorganization. For example, identity management and recommendationcomputing platform 110, enterprise server infrastructure 130, andenterprise data storage platform 140 may be associated with anorganization (e.g., a financial institution), and network 150 may beassociated with and/or operated by the organization, and may include oneor more networks (e.g., LANs, WANs, virtual private networks (VPNs), orthe like) that interconnect identity management and recommendationcomputing platform 110, enterprise server infrastructure 130, andenterprise data storage platform 140. Network 150 also may include apublic sub-network that may connect the private sub-network and/or oneor more computing devices connected thereto (e.g., identity managementand recommendation computing platform 110, enterprise serverinfrastructure 130, enterprise data storage platform 140) with one ormore networks and/or computing devices that are not associated with theorganization (e.g., user computing device 120).

In one or more arrangements, identity management and recommendationcomputing platform 110, user computing device 120, enterprise serverinfrastructure 130, and enterprise data storage platform 140 may be anytype of computing device capable of receiving a user interface,receiving input via the user interface, and communicating the receivedinput to one or more other computing devices. For example, identitymanagement and recommendation computing platform 110, user computingdevice 120, enterprise server infrastructure 130, enterprise datastorage platform 140, and/or the other systems included in computingenvironment 100 may, in some instances, include one or more processors,memories, communication interfaces, storage devices, and/or othercomponents. As noted above, and as illustrated in greater detail below,any and/or all of the computing devices included in computingenvironment 100 may, in some instances, be special-purpose computingdevices configured to perform specific functions.

Referring to FIG. 1B, identity management and recommendation computingplatform 110 may include one or more processor(s) 111, memory(s) 112,and communication interface(s) 113. A data bus may interconnectprocessor 111, memory 112, and communication interface 113.Communication interface 113 may be a network interface configured tosupport communication between identity management and recommendationcomputing platform 110 and one or more networks (e.g., network 150 orthe like). Memory 112 may include one or more program modules havinginstructions that when executed by processor 111 cause identitymanagement and recommendation computing platform 110 to perform one ormore functions described herein and/or one or more databases and/orother libraries that may store and/or otherwise maintain informationwhich may be used by such program modules and/or processor 111.

In some instances, the one or more program modules and/or databases maybe stored by and/or maintained in different memory units of identitymanagement and recommendation computing platform 110 and/or by differentcomputing devices that may form and/or otherwise make up identitymanagement and recommendation computing platform 110. For example,memory 112 may have, store, and/or include an identity management andrecommendation module 112 a, an identity management and recommendationdatabase 112 b, a biometrics database 112 c, and a machine learningengine 112 d. Identity management and recommendation module 112 a mayhave instructions that direct and/or cause identity management andrecommendation computing platform 110 to perform identity management andgenerate recommendations and/or perform other functions, as discussed ingreater detail below. Identity management and recommendation database112 b may store information used by identity management andrecommendation module 112 a and/or identity management andrecommendation computing platform 110 in performing identity managementand generating recommendations and/or in performing other functions.Biometric database 112 c may store biometric information (e.g.,biometric enrollment templates) used by identity management andrecommendation module 112 a and/or identity management andrecommendation computing platform 110 in conducting identity managementand generating recommendations and/or in performing other functions.Machine learning engine 112 d may have instructions that direct and/orcause identity management and recommendation computing platform 110 toset, define, and/or iteratively redefine rules, techniques and/or otherparameters used by identity management and recommendation computingplatform 110 and/or other systems in computing environment 100 inperforming identity management and generating recommendations usingmachine learning.

FIGS. 2A-2I depict an illustrative event sequence for identitymanagement and intelligent recommendation in accordance with one or moreexample embodiments. Referring to FIG. 2A, at step 201, a user of acomputing device (e.g., user computing device 120) may establish aconnection with identity management and recommendation computingplatform 110. For example, the user of the computing device (e.g., usercomputing device 120) may establish a first wireless data connectionwith identity management and recommendation computing platform 110 tolink identity management and recommendation computing platform 110 withthe user of the computing device (e.g., user computing device 120)(e.g., in preparation for sending biometric data or sending requests).In some instances, the user of the computing device (e.g., usercomputing device 120) may identify whether or not a connection isalready established with identity management and recommendationcomputing platform 110. If a connection is already established withidentity management and recommendation computing platform 110, the userof the computing device (e.g., user computing device 120) might notre-establish the connection. If a connection is not yet established withidentity management and recommendation computing platform 110, the userof the computing device (e.g., user computing device 120) may establishthe first wireless data connection as described above.

In some embodiments, an enrollment process may be implemented at steps201 to 205 (e.g., to establish stored biometric data). At step 202,identity management and recommendation computing platform 110 mayreceive, via the communication interface (e.g., communication interface113) and while the first wireless data connection is established,biometric enrollment data (e.g., a biometric sample) of the usercaptured by one or more sensors. For example, one or more biometricsensors (e.g., a fingerprint sensor, a camera, and/or other such sensorsthat may be capable of capturing biometric information) may beconfigured to capture a fingerprint, a palm print, a voiceprint, aretinal scan, an iris scan, a face scan, a vein scan, and/or the like,of the user. In some examples, the biometric enrollment data may includea finger tapping sequence, a blinking sequence, mouthing of a word, headmovement, and/or the like. At step 203, identity management andrecommendation computing platform 110 may generate a biometricenrollment template based on the biometric enrollment data. In someexamples, the biometric enrollment template may be and/or include adigital representation (e.g., a digital reference) of the distinctfeatures or characteristics extracted from the biometric sample (e.g.,raw data) captured by the one or more sensors.

At step 204, identity management and recommendation computing platform110 may establish a connection with enterprise data storage platform140. For example, identity management and recommendation computingplatform 110 may establish a second wireless data connection withenterprise data storage platform 140 to link identity management andrecommendation computing platform 110 with enterprise data storageplatform 140. In some instances, identity management and recommendationcomputing platform 110 may identify whether or not a connection isalready established with enterprise data storage platform 140. If aconnection is already established with enterprise data storage platform140, identity management and recommendation computing platform 110 mightnot re-establish the connection. If a connection is not yet establishedwith the enterprise data storage platform 140, identity management andrecommendation computing platform 110 may establish the second wirelessdata connection as described above.

Referring to FIG. 2B, at step 205, identity management andrecommendation computing platform 110 may transmit, via thecommunication interface (e.g., communication interface 113) and whilethe second wireless data connection is established, the biometricenrollment template for storage in association with one or more useraccounts. For example, the biometric enrollment template may betransmitted for storage in a biometric database. As shown in FIG. 1B,biometric database 112 c may be part of the identity management andrecommendation computing platform 110. In other examples, the biometricdatabase may be located in enterprise data storage platform 140. Stillin other examples, the biometric database may be located in variousother locations without departing from the scope of the presentdisclosure, including but not limited to enterprise serverinfrastructure 130. In some examples, the enrollment process may berepeated one or more times to continue to refine and update thebiometrics enrollment template.

At step 206, based on receiving the biometric enrollment data of theuser, identity management and recommendation computing platform 110 mayregister an account for the user. For example, identity management andrecommendation computing platform 110 may store the user's information,including provided biometric information, in a database of allregistered users. In some embodiments, identity management andrecommendation computing platform 110 may register an account for theuser without requiring the user to provide additional identifyinginformation (e.g., biometrics alone may allow a user to establish anaccount). For instance, the user might not be required to provideidentifying information generally required for opening an account, whichmay include multiple forms of photo identification, a unique numericalidentifier, a current residential address, contact information (e.g.,name, address, phone number, email address), and/or proof of residency.

In some arrangements, identity management and recommendation computingplatform 110 may cause the user computing device (e.g., user computingdevice 120) to display and/or otherwise present one or more graphicaluser interfaces similar to graphical user interface 300, which isillustrated in FIG. 3 . As seen in FIG. 3 , graphical user interface 300may include text and/or other information associated with establishingan account using biometrics, including one or more user-selectableoptions that allow a user to select from one or more methods ofbiometric identification (e.g., “Welcome to account setup. Please selecta biometric identification method. [Fingerprint/Palm print . . . ][Voiceprint . . . ] [Face/Retinal/Iris Scan . . . ] [Vein Scan . . .]”). It will be appreciated that other and/or different notificationsmay also be provided.

In some instances, identity management and recommendation computingplatform 110 may identify whether or not an account associated with theuser is already established with an enterprise organization (e.g., afinancial institution). If an account associated with the user isalready established with an enterprise organization, identity managementand recommendation computing platform 110 might not establish anotheraccount and allow the user to proceed with transactions using one ormore existing accounts. If an account is not yet established with anenterprise organization (e.g., a financial institution), identitymanagement and recommendation computing platform 110 may establish theaccount as described above.

In some embodiments, at step 207, identity management and recommendationcomputing platform 110 may receive, via the communication interface(e.g., communication interface 113) and while the first wireless dataconnection is established, from a computing device, a request to accessinformation associated with one or more user accounts. In some examples,the one or more user accounts may include an account (e.g., other thanthe user's account) for which the user is an authorized co-user.

At step 208, identity management and recommendation computing platform110 may send, via the communication interface (e.g., communicationinterface 113) and while the first wireless data connection isestablished, to the computing device (e.g., user computing device 120),a biometric authentication prompt for identifying a user of thecomputing device (e.g., user of user computing device 120). In someexamples, the biometric authentication prompt may be configured toprompt the user of a mobile device to provide biometric input via abiometric sensor integrated into the mobile device. For instance,identity management and recommendation computing platform 110 may causea push notification service to send a push notification to the mobiledevice.

Referring to FIG. 2C, at step 209, identity management andrecommendation computing platform 110 may receive, from the computingdevice (e.g., user computing device 120), biometric input of the user.In some examples, the biometric input of the user may include receivinghand-related features or head-related features of the user. Forinstance, the biometric input of the user may include one or more of: afingerprint, a palm print, a voiceprint, a retinal scan, an iris scan, aface scan, or a vein scan of the user.

At step 210, identity management and recommendation computing platform110 may retrieve one or more biometric enrollment templates from adatabase. As described above, the database may be biometric database 112c. Still in other examples, the biometric database may be located invarious other locations without departing from the scope of the presentdisclosure, including but not limited to enterprise serverinfrastructure 130, and/or enterprise data storage platform 140.

At step 211, identity management and recommendation computing platform110 may perform a matching algorithm. For example, identity managementand recommendation computing platform 110 may apply a matching algorithmto compare the biometric input to the one or more biometric enrollmenttemplates to determine if a match exists between the biometric input andone of the one or more biometric enrollment templates. In someinstances, the matching algorithm may take into account a number offeatures regarding the biometric input, such as a confidence intervalassociated with the biometric input. In some examples the matchingalgorithm may determine a relative match amount or relative matchpercentage to quantify a degree to which the biometric input and the oneor more biometric enrollment templates match. The relative match amountor relative match percentage may be compared to a match threshold todetermine if the biometric input sufficiently matches the one or morebiometric enrollment templates. At step 212, identity management andrecommendation computing platform 110 may authenticate the user basedupon a match of the biometric input and one of the one or more biometricenrollment templates.

With reference to FIG. 2D, at step 213, identity management andrecommendation computing platform 110 may establish a connection withenterprise server infrastructure 130. For example, identity managementand recommendation computing platform 110 may establish a third wirelessdata connection with enterprise server infrastructure 130 to linkidentity management and recommendation computing platform 110 withenterprise server infrastructure 130. In some instances, identitymanagement and recommendation computing platform 110 may identifywhether or not a connection is already established with the enterpriseserver infrastructure 130. If a connection is already established withenterprise server infrastructure 130, identity management andrecommendation computing platform 110 might not re-establish theconnection. If a connection is not yet established with enterpriseserver infrastructure 130, identity management and recommendationcomputing platform 110 may establish the third wireless data connectionas described above.

At step 214, responsive to the user being authenticated using thebiometric input, identity management and recommendation computingplatform 110 may retrieve information associated with the one or moreuser accounts. In some embodiments, identity management andrecommendation computing platform 110 may identify all accounts capableof conducting transactions for the recipient. In some examples, identitymanagement and recommendation computing platform 110 may identifyaccounts at a single financial institution. In other examples, identitymanagement and recommendation computing platform 110 may identifymultiple accounts over different financial institutions. In retrievinginformation associated with one or more user accounts, identitymanagement and recommendation computing platform 110 may transmit a useridentity verification to an enterprise server (e.g., enterprise serverinfrastructure 130), for instance, to verify that the user of thecomputing device (e.g., user of user computing device 120) is authorizedto access specific data or services, and retrieve the informationassociated with the user account from the enterprise server (e.g.,enterprise server infrastructure 130).

At step 215, identity management and recommendation computing platform110 may send, via the communication interface (e.g., communicationinterface 113) and while the first wireless data connection isestablished, the information associated with the one or more useraccounts to the computing device (e.g., user computing device 120). Inthis way, based on identifying a user via biometrics, identitymanagement and recommendation computing platform 110 may quicklydetermine accounts for which the user is allowed access to, and accountsfor which the user may be an associate of, without cumbersome steps orsignificant costs (e.g., the user need not specify details such as whichexact account they are trying to access, who the main account holder is,etc.).

In some embodiments, at step 216, identity management and recommendationcomputing platform 110 may receive, via the communication interface(e.g., communication interface 113) and while the first wireless dataconnection is established, from a computing device, a request toinitiate a payment transaction associated with one or more useraccounts.

Referring to FIG. 2E, at step 217, identity management andrecommendation computing platform 110 may send, via the communicationinterface (e.g., communication interface 113) and while the firstwireless data connection is established, to the computing device (e.g.,user computing device 120), a biometric authentication prompt foridentifying the user of the computing device (e.g., user of usercomputing device 120). In some examples, the biometric authenticationprompt may be configured to prompt the user of a mobile device toprovide biometric input via a biometric sensor integrated into themobile device. For instance, identity management and recommendationcomputing platform 110 may cause a push notification service to send apush notification to the mobile device.

At step 218, identity management and recommendation computing platform110 may receive, from the computing device (e.g., user computing device120), biometric input of the user. In some examples, the biometric inputof the user may include receiving hand-related features or head-relatedfeatures of the user. For instance, the biometric input of the user mayinclude one or more of: a fingerprint, a palm print, a voiceprint, aretinal scan, an iris scan, a face scan, or a vein scan of the user.

At step 219, identity management and recommendation computing platform110 may retrieve one or more biometric enrollment templates from adatabase. As described above, the database may be biometric database 112c. Still in other examples, the biometric database may be located invarious other locations without departing from the scope of the presentdisclosure, including but not limited to enterprise serverinfrastructure 130, and/or enterprise data storage platform 140.

At step 220, identity management and recommendation computing platform110 may perform a matching algorithm. For example, identity managementand recommendation computing platform 110 may apply a matching algorithmto compare the biometric input to the one or more biometric enrollmenttemplates to determine if a match exists between the biometric input andone of the one or more biometric enrollment templates. In someinstances, the matching algorithm may take into account a number offeatures regarding the biometric input, such as a confidence intervalassociated with the biometric input. In some examples the matchingalgorithm may determine a relative match amount or relative matchpercentage to quantify a degree to which the biometric input and the oneor more biometric enrollment templates match. The relative match amountor relative match percentage may be compared to a match threshold todetermine if the biometric input sufficiently matches the one or morebiometric enrollment templates.

Referring to FIG. 2F, at step 221, identity management andrecommendation computing platform 110 may authenticate the user basedupon a match of the biometric input and one of the one or more biometricenrollment templates. At step 222, responsive to the user beingauthenticated using the biometric input, identity management andrecommendation computing platform 110 may send, via the communicationinterface (e.g., communication interface 113) and while the thirdwireless data connection is established, a notification comprising atransaction verification to an enterprise server (e.g., authorize apayment transaction using one or more accounts). In some arrangements,biometrics may be combined with a card (e.g., a physical card) to make apayment, and in other arrangements, biometrics alone may allow a user topay (e.g., without the card).

In some embodiments, at step 223, identity management and recommendationcomputing platform 110 may process the biometric input (e.g., receivedat step 209, 218) to identify (e.g., detect) duress informationassociated with the biometric input of the user. In some examples,identity management and recommendation computing platform 110 may, usingartificial intelligence and/or machine learning, recognize biometricstress indicators such as dilated pupils, fast breathing, facialtension, stiff posture, increased voice pitch, and/or the like. In someexamples, during an enrollment process (e.g., at steps 201 through 205),a user of a computing device (e.g., user computing device 120) maychoose to provide (e.g., register) alternate biometric configurations(e.g., an alternate blinking or finger tapping sequence) that may beused to indicate that the user is under duress. This alternate biometricconfiguration may be transmitted to identity management andrecommendation computing platform 110 to covertly signal that the useris under duress and that help is needed.

At step 224, based on the identified duress information, identitymanagement and recommendation computing platform 110 may generate andsend, via the communication interface (e.g., communication interface113) and while the third wireless data connection is established, one ormore notifications. For example, identity management and recommendationcomputing platform 110 may send one or more alert messages to anenterprise server (e.g., enterprise server infrastructure) and/ortrigger a response (e.g., freeze accounts, dial emergency services). Inturn, referring to FIG. 2G, at step 225, identity management andrecommendation computing platform 110 may halt or terminate a pendingoperation requiring biometric authentication. For instance, identitymanagement and recommendation computing platform 110 may halt orterminate access operations requested at step 207 (e.g., for retrievinginformation associated with the one or more accounts) or transactionoperations requested at step 216 (e.g., for payment transactionsassociated with the one or more accounts).

At steps 226 to 227, identity management and recommendation computingplatform 110 may monitor transaction and usage associated with one ormore user accounts (e.g., one or more accounts associated with the userof user computing device 120). For example, at step 226, user computingdevice 120 may send historical transaction/usage information to identitymanagement and recommendation computing platform 110. For example, usercomputing device 120 may send historical transaction/usage informationto identity management and recommendation computing platform 110 whilethe first wireless data connection is established.

In some instances, in sending the historical transaction/usageinformation, user computing device 120 may send prior transactionrequests, usage data, determinations of asset/liability account andbalances associated with the user computing device 120, and/or otherinformation. In some instances, the prior transaction requests or usagedata may include commercial transactions, currency transfers, and/orother activities. In some instances, the prior transactions/usage mayhave been made by the user via the user computing device 120 and/or abanking device, mobile device, application, and/or other methods.

At step 227, identity management and recommendation computing platform110 may receive the historical transaction/usage information from usercomputing device 120. For example, identity management andrecommendation computing platform 110 may receive the historicaltransaction/usage information via the communication interface 113 andwhile the first wireless data connection is established. In someinstances, the historical transaction/usage information may be stored ininternal memory of identity management and recommendation computingplatform 110, and/or external memory.

At step 228, identity management and recommendation computing platform110 may configure and/or otherwise train a machine learning model (e.g.,via machine learning engine 112 d) based on the data received at step219. In some instances, to configure and/or otherwise train the machinelearning model, identity management and recommendation computingplatform 110 may process all (or a subset) of the data received at step227 by applying natural language processing and/or other processingtechniques/algorithms to generate and store one or more classificationmodels. For example, in configuring and/or otherwise training themachine learning model, identity management and recommendation computingplatform 110 may apply natural language processing to the historicaltransaction/usage information to identify keywords in the priortransaction processing requests to group the prior transactionprocessing requests based on those identified keywords.

Additionally or alternatively, in configuring and training the machinelearning model, identity management and recommendation computingplatform 110 may also analyze the historical transaction/usageinformation for past user transactions to determine next steps orfurther action that may be taken. For example, based on a user's pasttransactions associated with usage of an account or a portfolio ofaccounts, identity management and recommendation computing platform 110may instruct the machine learning model to automatically recommend nextsteps or further action that may be taken, connect the user to supportor advisory services (e.g., which bank to go to and what application tofill out), and/or the like. Additionally or alternatively, identitymanagement and recommendation computing platform 110 may give themachine learning model this instruction based on the user's pasttransactions.

Referring to FIG. 2H, at step 229, based on the trained machine learningmodel, identity management and recommendation computing platform 110 maygenerate one or more recommendations associated with thetransaction/usage, and send, via the communication interface (e.g.,communication interface 113), the one or more recommendations to theuser computing device (e.g., user computing device 120). In generatingthe one or more recommendations associated with the transaction/usage,identity management and recommendation computing platform 110 may, forexample, provide a recommendation for a particular banking servicecenter for additional help, provide a recommendation of applications orforms to fill out, provide a recommendation for affiliate supportservices, provide the user with suggestions on next steps or furtheraction that may be taken, and/or the like while the first wireless dataconnection is established. In some examples, the one or morerecommendations may be provided in a user preferred language.

At step 230, identity management and recommendation computing platform110 may cause the user computing devices 120 to display the one or morerecommendations. For example, identity management and recommendationcomputing platform 110 may cause the user computing device (e.g., usercomputing device 120) to display and/or otherwise present one or moregraphical user interfaces similar to graphical user interface 400, whichis illustrated in FIG. 4 . As seen in FIG. 4 , graphical user interface400 may include text and/or other information associated with providingintelligent personalized recommendations (e.g., “Welcome to yourpersonalized recommendation service. Based on your transaction history,may we recommend: [Banking service center . . . ] [Applications/Forms .. . ] [Affiliate support services . . . ] [Next steps . . . ]”). It willbe appreciated that other and/or different notifications may also beprovided.

At steps 231 to 232, identity management and recommendation computingplatform 110 may monitor subsequent transaction and usage informationassociated with one or more user accounts (e.g., one or more accountsassociated with the user of user computing device 120). For example, atstep 231, user computing device 120 may send subsequenttransaction/usage information to identity management and recommendationcomputing platform 110. For example, user computing device 120 may sendsubsequent transaction and usage information to identity management andrecommendation computing platform 110 while the first wireless dataconnection is established.

At step 232, identity management and recommendation computing platform110 may receive the subsequent transaction/usage information from usercomputing device 120. For example, identity management andrecommendation computing platform 110 may receive the subsequenttransaction/usage information via the communication interface 113 andwhile the first wireless data connection is established. In someinstances, the subsequent transaction/usage information may be stored ininternal memory of identity management and recommendation computingplatform 110, and/or external memory.

Referring to FIG. 2I, at step 233, identity management andrecommendation computing platform 110 may update and/or validate themachine learning model (e.g., via machine learning engine 112 d) basedon the subsequent data received at step 232. In turn, at step 234, basedon the updated/validated machine learning model, identity management andrecommendation computing platform 110 may generate one or more updatedrecommendations associated with the transaction/usage, and send, via thecommunication interface (e.g., communication interface 113), the one ormore updated recommendations to the user computing device (e.g., usercomputing device 120). At step 235, identity management andrecommendation computing platform 110 may cause the user computingdevice (e.g., user computing device 120) to display the updated one ormore recommendations.

FIG. 5 depicts an illustrative method for identity management andintelligent recommendation in accordance with one or more exampleembodiments. Referring to FIG. 5 , at step 505, a computing platformhaving at least one processor, a communication interface, and memorymay, receive an account access or payment request from a computingdevice. At step 510, the computing platform may send a biometricauthentication prompt to the computing device for identifying a user ofthe computing device. At step 515, the computing platform may receive,from the computing device, biometric input of the user. At step 520, thecomputing platform may retrieve one or more biometric enrollmenttemplates from a database. At step 525, the computing platform maycompare the biometric input to the one or more biometric enrollmenttemplates to determine if a match exists between the biometric input andone of the one or more biometric enrollment templates. At step 530, thecomputing platform may authenticate the user based upon a match of thebiometric input and one of the one or more biometric enrollmenttemplates. At step 535, responsive to the user being authenticated usingthe biometric input, the computing platform may retrieve and sendinformation associated with the one or more user accounts to thecomputing device or verify a payment transaction. At step 540, thecomputing platform may generate, using a machine learning model, one ormore recommendations associated with usage of the one or more useraccounts. At step 545, the computing platform may send the one or morerecommendations to the computing device.

One or more aspects of the disclosure may be embodied in computer-usabledata or computer-executable instructions, such as in one or more programmodules, executed by one or more computers or other devices to performthe operations described herein. Generally, program modules includeroutines, programs, objects, components, data structures, and the likethat perform particular tasks or implement particular abstract datatypes when executed by one or more processors in a computer or otherdata processing device. The computer-executable instructions may bestored as computer-readable instructions on a computer-readable mediumsuch as a hard disk, optical disk, removable storage media, solid-statememory, RAM, and the like. The functionality of the program modules maybe combined or distributed as desired in various embodiments. Inaddition, the functionality may be embodied in whole or in part infirmware or hardware equivalents, such as integrated circuits,application-specific integrated circuits (ASICs), field programmablegate arrays (FPGA), and the like. Particular data structures may be usedto more effectively implement one or more aspects of the disclosure, andsuch data structures are contemplated to be within the scope of computerexecutable instructions and computer-usable data described herein.

Various aspects described herein may be embodied as a method, anapparatus, or as one or more computer-readable media storingcomputer-executable instructions. Accordingly, those aspects may takethe form of an entirely hardware embodiment, an entirely softwareembodiment, an entirely firmware embodiment, or an embodiment combiningsoftware, hardware, and firmware aspects in any combination. Inaddition, various signals representing data or events as describedherein may be transferred between a source and a destination in the formof light or electromagnetic waves traveling through signal-conductingmedia such as metal wires, optical fibers, or wireless transmissionmedia (e.g., air or space). In general, the one or morecomputer-readable media may be and/or include one or more non-transitorycomputer-readable media.

As described herein, the various methods and acts may be operativeacross one or more computing servers and one or more networks. Thefunctionality may be distributed in any manner, or may be located in asingle computing device (e.g., a server, a client computer, and thelike). For example, in alternative embodiments, one or more of thecomputing platforms discussed above may be combined into a singlecomputing platform, and the various functions of each computing platformmay be performed by the single computing platform. In such arrangements,any and/or all of the above-discussed communications between computingplatforms may correspond to data being accessed, moved, modified,updated, and/or otherwise used by the single computing platform.Additionally or alternatively, one or more of the computing platformsdiscussed above may be implemented in one or more virtual machines thatare provided by one or more physical computing devices. In sucharrangements, the various functions of each computing platform may beperformed by the one or more virtual machines, and any and/or all of theabove-discussed communications between computing platforms maycorrespond to data being accessed, moved, modified, updated, and/orotherwise used by the one or more virtual machines.

Aspects of the disclosure have been described in terms of illustrativeembodiments thereof. Numerous other embodiments, modifications, andvariations within the scope and spirit of the appended claims will occurto persons of ordinary skill in the art from a review of thisdisclosure. For example, one or more of the steps depicted in theillustrative figures may be performed in other than the recited order,and one or more depicted steps may be optional in accordance withaspects of the disclosure.

What is claimed is:
 1. A computing platform, comprising: at least oneprocessor; a communication interface communicatively coupled to the atleast one processor; and memory storing computer-readable instructionsthat, when executed by the at least one processor, cause the computingplatform to: receive, via the communication interface, from a computingdevice associated with a user, a request to gain access to one or moreaccounts associated with the user; send, via the communicationinterface, to the computing device associated with the user, a biometricauthentication prompt for identifying the user of the computing device,wherein sending the biometric authentication prompt causes the computingdevice associated with the user to display the biometric authenticationprompt; receive, via a biometric sensor of the computing device,biometric input of the user; retrieve one or more biometric enrollmenttemplates from a database; compare the biometric input of the user tothe one or more biometric enrollment templates to determine if a matchexists between the biometric input of the user and one of the one ormore biometric enrollment templates; authenticate, based upon a match ofthe biometric input and one of the one or more biometric enrollmenttemplates, the user to all accounts of the one or more accountsassociated with the user, without requiring the user to provideadditional access credentials beyond the biometric input; responsive tothe user being authenticated using the biometric input, generate andsend, using a machine learning model and based on transaction history ofthe user during a data connection with the computing device, one or morepersonalized recommendations related to the one or more accountsassociated with the user, wherein generating the one or morepersonalized recommendations includes suggesting resources for furtheraction that may be taken by the user; cause the computing device todisplay, on a user interface, the one or more personalizedrecommendations related to the one or more accounts associated with theuser; responsive to using the machine learning model, receive subsequenttransaction information from the computing device of the user during thedata connection; apply the subsequent transaction information to themachine learning model; responsive to the applying, validate the machinelearning model; generate, by the validated machine learning model, anupdated recommendation for the computing device; register an alternativebiometric configuration based on configuration information received fromthe computing device during enrollment by the user, wherein thealternative biometric configuration is indicative that the user would beunder duress when subsequently detected and wherein the alternativebiometric configuration comprises at least one registered physicalindicator presented by the user; detect when the alternative biometricconfiguration occurs from the biometric input of the user during thedata connection; and responsive to the detecting, send, via thecommunication interface, one or more notifications, wherein the one ormore notifications is indicative that the user is under duress duringthe data connection.
 2. The computing platform of claim 1, wherein thememory stores additional computer-readable instructions that, whenexecuted by the at least one processor, cause the computing platform to,during an enrollment process: receive, via the communication interface,biometric enrollment data of the user captured by the biometric sensor;generate a biometric enrollment template based on the biometricenrollment data; and transmit the biometric enrollment template forstorage in association with one or more accounts associated with theuser.
 3. The computing platform of claim 2, further comprising: based onreceiving the biometric enrollment data of the user, register an accountfor the user without requiring the user to provide additionalidentifying information, wherein the account is a bank account at afinancial institution.
 4. The computing platform of claim 1, whereinretrieving information associated with the one or more accountsassociated with the user comprises transmitting a user identityverification to an enterprise server and retrieving the informationassociated with the one or more accounts from the enterprise server. 5.The computing platform of claim 1, wherein the one or more accountsassociated with the user comprises an account for which the user is anauthorized co-user.
 6. The computing platform of claim 1, wherein thebiometric authentication prompt is configured to prompt the user of amobile device to provide the biometric input via the biometric sensorintegrated into the mobile device.
 7. The computing platform of claim 1,wherein receiving the biometric input of the user comprises receivinghand-related features or head-related features of the user.
 8. Thecomputing platform of claim 1, wherein receiving the biometric input ofthe user comprises receiving one or more of: a fingerprint, a palmprint, a voiceprint, a retinal scan, an iris scan, a face scan, or avein scan of the user.
 9. The computing platform of claim 1, wherein thememory stores additional computer-readable instructions that, whenexecuted by the at least one processor, cause the computing platform to:receive, via the biometric sensor of the computing device, a secondbiometric input of the user to initiate a payment transaction associatedwith one or more accounts associated with the user; compare the secondbiometric input of the user to the one or more biometric enrollmenttemplates to determine if a match exists between the second biometricinput of the user and one of the one or more biometric enrollmenttemplates; authenticate, based upon a match of the second biometricinput and one of the one or more biometric enrollment templates, theuser to all accounts of the one or more accounts associated with theuser; and responsive to the user being authenticated using the secondbiometric input, transmit a notification comprising a transactionverification to an enterprise server.
 10. The computing platform ofclaim 1, wherein sending the one or more notifications comprises sendingone or more alert messages to an enterprise server.
 11. A method,comprising: at a computing platform comprising at least one processor, acommunication interface, and memory: receiving, by the at least oneprocessor, via the communication interface, from a computing deviceassociated with a user, a request to gain access to one or more accountsassociated with the user; sending, by the at least one processor, viathe communication interface, to the computing device associated with theuser, a biometric authentication prompt for identifying the user of thecomputing device, wherein sending the biometric authentication promptcauses the computing device associated with the user to display thebiometric authentication prompt; receiving, by the at least oneprocessor, via a biometric sensor of the computing device, biometricinput of the user; retrieving, by the at least one processor, one ormore biometric enrollment templates from a database; comparing, by theat least one processor, the biometric input of the user to the one ormore biometric enrollment templates to determine if a match existsbetween the biometric input of the user and one of the one or morebiometric enrollment templates; authenticating, by the at least oneprocessor, based upon a match of the biometric input and one of the oneor more biometric enrollment templates, the user to all accounts of theone or more accounts associated with the user, without requiring theuser to provide additional access credentials beyond the biometricinput; responsive to the user being authenticated using the biometricinput, generating and sending, by the at least one processor, using amachine learning model and based on transaction history of the userduring a data connection with the computing device, one or morepersonalized recommendations related to the one or more accountsassociated with the user, wherein generating the one or morepersonalized recommendations includes suggesting resources for furtheraction that may be taken by the user; causing the computing device todisplay, on a user interface, the one or more personalizedrecommendations related to the one or more accounts associated with theuser; responsive to using the machine learning model, receivingsubsequent transaction information from the computing device of the userduring the data connection; applying the subsequent transactioninformation to the machine learning model; responsive to the applying,validating the machine learning model; generating, by the validatedmachine learning model, an updated recommendation for the computingdevice; registering an alternative biometric configuration based onconfiguration information received from the computing device duringenrollment by the user, wherein the alternative biometric configurationis indicative that the user would be under duress when subsequentlydetected and wherein the alternative biometric configuration comprisesat least one registered physical indicator presented by the user;detecting when the alternative biometric configuration occurs from thebiometric input of the user during the data connection; and responsiveto the detecting, sending, via the communication interface, one or morenotifications, wherein the one or more notifications is indicative thatthe user is under duress during the data connection.
 12. The method ofclaim 11, further comprising, during an enrollment process: receiving,by the at least one processor, via the communication interface,biometric enrollment data of the user captured by the biometric sensor;generating, by the at least one processor, a biometric enrollmenttemplate based on the biometric enrollment data; and transmitting, bythe at least one processor, the biometric enrollment template forstorage in association with one or more accounts associated with theuser.
 13. The method of claim 12, further comprising: based on receivingthe biometric enrollment data of the user, registering, by the at leastone processor, an account for the user without requiring the user toprovide additional identifying information, wherein the account is abank account at a financial institution.
 14. The method of claim 11,wherein retrieving information associated with the one or more accountsassociated with the user comprises transmitting a user identityverification to an enterprise server and retrieving the informationassociated with the one or more accounts from the enterprise server. 15.The method of claim 11, wherein the one or more accounts associated withthe user comprises an account for which the user is an authorizedco-user.
 16. The method of claim 11, wherein the biometricauthentication prompt is configured to prompt the user of a mobiledevice to provide the biometric input via the biometric sensorintegrated into the mobile device.
 17. The method of claim 11, whereinreceiving the biometric input of the user comprises receivinghand-related features or head-related features of the user.
 18. Themethod of claim 11, further comprising: receiving, by the at least oneprocessor, via the biometric sensor of the computing device, a secondbiometric input of the user to initiate a payment transaction associatedwith one or more accounts associated with the user; comparing, by the atleast one processor, the second biometric input of the user to the oneor more biometric enrollment templates to determine if a match existsbetween the second biometric input of the user and one of the one ormore biometric enrollment templates; authenticating, by the at least oneprocessor, based upon a match of the second biometric input and one ofthe one or more biometric enrollment templates, the user to all accountsof the one or more accounts associated with the user; and responsive tothe user being authenticated using the second biometric input,transmitting, by the at least one processor, a notification comprising atransaction verification to an enterprise server.
 19. One or morenon-transitory computer-readable media storing instructions that, whenexecuted by a computing platform comprising at least one processor, acommunication interface, and memory, cause the computing platform to:receive, via the communication interface, from a computing deviceassociated with a user, a request to gain access to one or more accountsassociated with the user; send, via the communication interface, to thecomputing device associated with the user, a biometric authenticationprompt for identifying the user of the computing device, wherein sendingthe biometric authentication prompt causes the computing deviceassociated with the user to display the biometric authentication prompt;receive, via a biometric sensor of the computing device, biometric inputof the user; retrieve one or more biometric enrollment templates from adatabase; compare the biometric input of the user to the one or morebiometric enrollment templates to determine if a match exists betweenthe biometric input of the user and one of the one or more biometricenrollment templates; authenticate, based upon a match of the biometricinput and one of the one or more biometric enrollment templates, theuser to all accounts of the one or more accounts associated with theuser, without requiring the user to provide additional accesscredentials beyond the biometric input; responsive to the user beingauthenticated using the biometric input, generate and send, using amachine learning model and based on transaction history of the userduring a data connection with the computing device, one or morepersonalized recommendations related to the one or more accountsassociated with the user, wherein generating the one or morepersonalized recommendations includes suggesting resources for furtheraction that may be taken by the user; cause the computing device todisplay, on a user interface, the one or more personalizedrecommendations related to the one or more accounts associated with theuser; responsive to using the machine learning model, receive subsequenttransaction information from the computing device of the user during thedata connection; apply the subsequent transaction information to themachine learning model; responsive to the applying, validate the machinelearning model; generate, by the validated machine learning model, anupdated recommendation for the computing device; register an alternativebiometric configuration based on configuration information received fromthe computing device during enrollment by the user, wherein thealternative biometric configuration is indicative that the user would beunder duress when subsequently detected and wherein the alternativebiometric configuration comprises at least one registered physicalindicator presented by the user; detect when the alternative biometricconfiguration occurs from the biometric input of the user during thedata connection; and responsive to the detecting, send, via thecommunication interface, one or more notifications, wherein the one ormore notifications is indicative that the user is under duress duringthe data connection.